What Is AVSEC? Aviation Security and ICAO Annex 17 Explained
AVSEC (Aviation Security) is the discipline of protecting civil aviation from deliberate, unlawful acts — hijacking, sabotage, attacks and insider threats. Learn how ICAO Annex 17 frames it and how it differs from aviation safety.
Annika Brandt · AVSEC Compliance Analyst
AVSEC — short for Aviation Security — is the discipline of protecting civil aviation against acts of unlawful interference: hijacking, sabotage, bombings, attacks on airports, cyber intrusion and insider threats. It is defined globally by ICAO Annex 17 and is fundamentally about deliberate harm, which sets it apart from aviation safety, which deals with accidents.
What does AVSEC stand for?
AVSEC is simply a contraction of Aviation Security. You will see it used as a noun for the whole field ("our AVSEC programme"), as a job descriptor ("AVSEC officer"), and as a modifier ("AVSEC training"). It is the standard shorthand across regulators, airlines and airports worldwide.
AVSEC vs aviation safety: what is the difference?
This is the single most important distinction in the field, and the two are often confused:
- Safety protects against accidental harm — mechanical failure, weather, human error, fatigue.
- Security protects against intentional harm — people deliberately trying to damage aircraft, passengers or infrastructure.
They have different regulations (Annex 17 for security, Annexes 19 and others for safety), different teams, and different mindsets: safety engineers ask "what could fail?" while security professionals ask "who would attack, and how?" The lines blur at the edges — a security event can become a safety event in seconds — but the disciplines remain distinct. See the glossary for how related terms fit together.
What is ICAO Annex 17?
ICAO Annex 17 — Security: Safeguarding International Civil Aviation Against Acts of Unlawful Interference — is the international standard that defines the baseline of aviation security. It sets out Standards and Recommended Practices (SARPs) that every contracting state must translate into its own National Civil Aviation Security Programme (NCASP).
Annex 17 covers areas such as:
- Access control to secure (airside) areas.
- Screening of passengers, baggage, cargo and mail.
- Measures against the insider threat.
- Response to acts of unlawful interference.
- Quality control and oversight of security measures.
It is the reason airport security looks broadly similar whether you fly from Istanbul, London or São Paulo — all are implementing the same global baseline, adapted to local law.
What threats does AVSEC address?
The threat landscape AVSEC defends against has broadened well beyond the classic hijacking:
- Hijacking and unlawful seizure of aircraft.
- Sabotage and bombing — explosives in baggage, cargo or onboard.
- Insider threat — trusted staff exploiting legitimate access.
- Landside attacks — strikes on the public, unsecured areas of terminals.
- Standoff and perimeter attacks — including MANPADS and rocket fire from outside the fence.
- Cyber attacks on aviation systems and data.
The defining feature of all of them is intent — and intent can adapt, which is why AVSEC must be intelligence-led rather than purely procedural.
How does intelligence support AVSEC?
Screening and access control are the visible layer of AVSEC, but they are most effective when guided by knowledge of where the threat actually is. This is the role of aviation security intelligence: identifying which destinations face elevated insider risk, which airports are exposed to standoff attacks, and where the threat environment is deteriorating.
Procedures stop yesterday's attack. Intelligence anticipates tomorrow's — and tells you where to concentrate scarce security resources.
For an operator, AVSEC and intelligence converge in concrete decisions: whether a destination's security posture is acceptable, what crew should be briefed on for a layover, and how these factors feed the flight risk assessment.
Frequently asked questions
Is AVSEC the same as airport security?
Airport security is part of AVSEC, but AVSEC is broader — it also covers aircraft, cargo, in-flight security, cyber and the policy framework behind them.
Who regulates AVSEC?
Globally, ICAO sets the standard through Annex 17. Each state then enforces it through a national authority and its NCASP — for example the TSA in the US or national civil aviation authorities elsewhere.
What is the difference between AVSEC and a FRAT?
AVSEC is the overall security discipline; a FRAT is a specific tool that incorporates security factors (among others) into a per-flight risk score.
Continue with What is aviation security intelligence? to see how the threat picture is built, or scan the aviation security glossary for definitions.
Related
Baltic GPS Jamming in 2025: A GNSS Integrity Case Study
GPS jamming over the Baltic became routine in 2025. Lithuania logged more than 1,000 interference reports in June alone — 22 times the prior year — and jamming has already forced scheduled flights to divert.
What Is Crew Layover Security? Duty of Care for Airline Crews
Crew layover security is the protection of flight crews during rest periods away from base — at hotels and in destination cities. Learn the risks, the duty-of-care obligation behind it, and how airlines monitor and brief their crews.
What Is a Flight Risk Assessment Tool (FRAT)?
A Flight Risk Assessment Tool (FRAT) is a structured method for scoring the cumulative risk of a specific flight before departure. Learn what factors it weighs, why regulators expect it, and how automated FRATs differ from paper checklists.